论文信息 - Using XACML for Embedded and Fine-Grained Access Control Policy

Using XACML for Embedded and Fine-Grained Access Control Policy

XACML (eXtensible Access Control Markup Language) is an access control policy language standardized by the OASIS (Organization for Advancement of Structured Information Standards). We have extended the standard XACML languages and processing models to allow the access control policies be embedded with digital content in the same XACML-like document. The original content can be further divided into multiple parts, each of which is encapsulated by its own XACML statements that specify the access control policy specific to this part, such that different policies can be applied to and enforced for different parts of the digital content. These embedded and fine-grained access control policy capabilities can be used to facilitate the protection, management and sharing of information no matter where the information resides. We have also developed an initial prototype of this XACML based mechanism for proof-of-concept purpose.

[1] Charles A. Shoniregun,et al. Securing XML Documents , 2004, Australas. J. Inf. Syst..

[2] Sabrina De Capitani di Vimercati,et al. A fine-grained access control system for XML documents , 2002, TSEC.

[3] Ernesto Damiani,et al. Controlling Access to XML Documents , 2001, IEEE Internet Comput..

[4] Michiharu Kudo,et al. XML document security based on provisional authorization , 2000, CCS.

[5] Lisa M. Marvel,et al. Integrated mandatory access control for digital data , 2008, SPIE Defense + Commercial Sensing.

[6] Stefano Valtolina,et al. Towards a Fine-Grained Access Control Model and Mechanisms for Semantic Databases , 2007, IEEE International Conference on Web Services (ICWS 2007).

[7] George Wilson,et al. Extending Linux for Multi-Level Security , 2007 .